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REMARKS 

Claims 1-3,5,7-9, 11, 13-15, 17, 19-21,23,26-29,31,33-35,37, and 40 are pending in 
the application. The foregoing amendment amends Claims 1,13, 26, 27, 33, and 40. No new 
matter has been added. 

Claim Amendments 

The claims have been amended to clarify that abstractions associated with an authorized 
user are for controlling usage of network resources on the communications network. 

Claim Rejections Under 35 ILS.C. § 101 

Claims 1-3, 5, 7-9, 26-29, 31, and 40 have been rejected under 35 U.S.C. § 101 as being 
directed to non- statutory subject matter. Applicants respectfully traverse the rejection. 

Claims 26 and 40 

Regarding claims 26 and 40, the claims recite a computer readable medium that have 
instructions meeting the requirement of subject matter for 35 U.S.C. § 101. Furthermore, the 
claims recite a storing step that constitutes a transformation step that yield a useful, concrete and 
tangible result (i.e. the abstractions). 

Claims 1-3. 5. 7-9. 27-29, and 31 

Regarding claim 1-3, 5, 7-9, 27-29, and 31, these also meet the requirement for 35 U.S.C. 
§ 101. Claims 1 and 27 store and provide abstraction that can be used by the communication 
network to control usage of network resources. As such, claims 1 and 27 provide useful, 
concrete, and tangible result (i.e. the abstractions). Claims 2-3, 5, 7-9, 28-29, and 31 depend 
from either claims 1 or 27 and as such incorporate the elements of their respective independent 
claim. Thus, claims 2-3, 5, 7-9, 28-29, and 3 1 provide the same tangible result as the 
independent claim from which they depend (i.e. the abstractions). 

Claim Rejections Under 35 U.S.C. § 103 

Claims 1-3, 5, and 26 are rejected under 35 U.S.C. 103(a) as being unpatentable over See 
(2003/0021283) in view of Curie (6,871,232). Claims 7-9, 11, 27-29 and 31 are rejected under 
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35 U.S.C. 103(a) as being unpatentable over See in view of Azarmi (5,905,715) and further in 
view of Curie. Claims 13-15 and 17 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over See in view of Nessett and Curie. Claims 19-21 and 23 are rejected under 35 U.S.C. 103(a) 
as being unpatentable over See in view of Nessett and Curie, and further in view of Azarmi. 
Claims 33-35, 37, and 40 are rejected under 35 U.S.C. 103(a) as being unpatentable over See in 
view of Azarmi, Nessett, and Curie. 

Claims 1-3, 5, and 26 

The Examiner has admitted that See fails to describe controlling usage of a network 
resource based on the identity of an authenticated user, and associating one or more service 
abstractions with an authenticated user. The Examiner asserts that Currie teaches controlling 
usage based on the identity of an authenticated user and associating one or more service 
abstractions with an authenticated user. Applicants respectfully disagree. 

Curie primarily deals with granting access based on authentication at a central server. In 
other words, the central platform system 10 serves as the gatekeeper for access to services, 
information, or other resources offered by a service company. This is in contrast to the present 
invention in which usage of the communications network itself is controlled at the device level. 

The background of the present invention discusses such systems as described in Curie as 
well the problems with such a central authorization server type configuration. Namely, usage of 
network resources (such as devices) is still allowed. The present invention takes a different 
approach to authorization. The present invention doesn't use a central gatekeeper or 
authorization server. Instead, the present invention as set forth independent claims 1 and 26 
creates packet rules and service abstractions associated with an authenticated user. These packet 
rules and service abstractions are used to control usage of network resources (such as devices). 
Independent claims 1 and 26 have been amended to clarify how the packet rules and service 
abstractions are used. Thus, in the present invention, a determination of authorized use is made 
at each resource on a packet by packet basis. The use of network resources (which make up the 
network) is thus controlled throughout the communications network, not just at a central server. 
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Furthermore, Curie does not disclose, teach, or suggest associating one or more service 
abstractions with an authenticated user. What the Examiner as asserted as teaching such an 
association (Abstact, fig. 1 1A, col. 11, lines 50-52 and col. 17, lines 16-18, col 21, lines 50-65) 
are not service abstractions as set forth in independent claims 1 and 26. In independent claims 1 
and 26 each service abstraction represents a named set of one or more packet rules. Claims 1 
and 26 further set forth that each rule includes a condition and action to be taken if a packet 
received at a device satisfies the condition. As discussed above, Curie uses a central server/ 
authentication system. As such, Curie does not deal with packet rules for controlling usage of 
network resources as this is not how authorization is handled. Thus there is no motivation to 
combine Curie and See. 

Therefore, neither See nor Currie, alone or in combination, disclose, teach, or suggest, 
each and every element of independent claims 1 and 26. Furthermore, there is no motivation to 
combine See and Currie as the authorization of Cure is centralized and does use not the packet 
rules of See. 

Claims 2, 3, 5 depend from claim 1 and as such incorporate each and every element of 
amended claim 1 . Therefore, neither See nor Currie, alone or in combination disclose, teach, or 
suggest, each and every element claims 2, 3, and 5 

In view of the above arguments, Applicants submit that the subject matter of claims 1-3, 
5 and 26 is not obvious and respectfully request that the rejection to the claims under 35 U.S.C. 
103 be removed and the claims passed to allowance 

Claims 7-9 and 1 1 

The combination of See and Currie with Azarmi fails to disclose, teach, or suggest each 
and every element of claims 7-9 and 11. Claims 7-9 and 11-12 depend indirectly from amended 
claim 1 and as such incorporate each and every element of amended claim 1 . 

For the same reasons as set forth above, See and Curie fail to disclose, teach or suggest 
every element of claims 7-9 and 11-12. Specifically, See and Currie fail to disclose, teach or 
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suggest controlling usage of network resources based on the identity of an authenticated user 
wherein one or more of the service abstractions are associated with an authenticated user of the 
communications network for controlling usage of network resources on the communications 
network. The addition of Azarmi fails to cure this deficiency. 

Azarmi is concerned with the provision of flexible bandwidth service (FBS) provided by 
means of Asynchronous Transfer Mode (ATM) network technology. That is, the customer 
specifies bandwidth requirements on a point-to-point basis, interfaces and time of day 
requirements and the network operator provides and manages the equipment and capacity 
necessary to meet those requirements. As such, the combination See and Currie with Azarmi 
fails to disclose, teach or suggest each and every element of claims 7-9 and 11-12. 

In view of the above arguments, Applicants submit that the subject matter of claims 7-9 
and 1 1 is not obvious and respectfully request that the rejection to the claims under 35 U.S.C. 
103 be removed and the claims passed to allowance. 

Claims 27-29 and 31 

Of these claims, claim 27 is independent. Claims 28, 29 and 31 depend from amended 
claim 27 and as such incorporate each and every element of amended claim 27. 

The combination of See and Curie with Azarmi fails to teach or suggest each and every 
element of claims 27-29 and 31 . Specifically, the combination of See, Currie and Azarmi fails 
to teach or suggest controlling usage of network resources based on the identity of an 
authenticated user wherein one or more of the service abstractions are associated with an 
authenticated user of the communications network for controlling usage of network devices on 
the communications network. 

The present invention, as set forth in claims 27-29 and 3 1 is directed to controlling use of 
network resources based on the user of the communication networks. In the specific case of 
amended claims 27-29 and 3 1 there is a focus on the role of the user in the communication 
network. That is the role of the user affects the use of the communication network the user is 
granted. For example, if the communication network was a university network, the role of a user 
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may be as an undergraduate student, a graduate student, a professor, staff, or a system 
administrator. Each of these roles may be provided with a different level of usage on the 
network. As such, the role of the user is represented by a role abstraction including a set of one 
or more packet rules. This is a concept that is not suggested or taught in See, Curie or Azarmi. 
As such, the combination See with Azarmi fails to disclose teach or suggest each and every 
element of amended claims 27-29 and 3 1 . 

In view of the above arguments, Applicants submit that the subject matter of amended 
claims 27-29 and 3 1 is not obvious and respectfully request that the rejection to the claims under 
35 U.S.C. 103 be removed and the claims passed to allowance. 

Claims 13-15 and 17 

Claim 13 is independent. Claims 14, 15 and 17 depend from claim 13. Claim 13 has 
been amended to clarify that usage of the network is controlled based on the identity of an 
authenticated user and the one or more service abstractions are associated with an authenticated 
user. As claims 14, 15 and 17 depend from amended claim 13, they incorporate each and every 
element of amended claim 13. 

The combination of See, Currie, and Nessett fails to teach or suggest each and every 
element of claims 13-15 and 17. Specifically, See and Nessett fail to teach or suggest creating 
one or more service abstractions wherein the one or more service abstractions are associated 
with an autheticated user of the communication network. 

As discussed above, the present invention controls usage of the network resource based 
on the user of the network system using service abstractions representing named sets of one or 
more packet rules. This is not a concept disclosed in See or Currie. The ability to control use 
based on the user using service abstractions provides a level of flexibility not considered by See 
and Currie. The addition of Nessett fails to cure this deficiency. Nessett is cited for teaching a 
security policy management back end (32) and a security policy language interpreter (34). The 
security policy management back end (32) decides how to partition the security policy 
statements into sets of configuration data enforceable at specific nodes, and transforms the rules 
of the security policy statements into node specific configuration data enforceable at the chosen 
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nodes. The interpreter (34) interprets a script in a security policy language to provide security 
policy statements. Nessett does not teach or suggest a rule editing module to create one or more 
packet rules. As such, the combination Seeand Currie with Nessett fails to disclose, teach, or 
suggest each and every element of amended claims 13-15 and 17. 

In view of the above amendments and arguments, Applicants submit that the subject 
matter of claims 13-15 and 17 is not obvious and respectfully request that the rejection to the 
claims under 35 U.S.C. 103 be removed and the claim passed to allowance. 

Claims 19-21 and 23 

The combination of See and Currie with Nessett and Azarmi fails to teach or suggest 
each and every element of claims 19-21 and 23, as amended. Specifically the combination of 
references fails to teach or suggest controlling usage of network resources based on the identity 
of an authenticated user wherein one or more of the service abstractions are associated with an 
authenticated user of the communications network. 

Claims 19-21 and 23 depend from claim 13 and as such incorporate each and every 
element of claim 13. As discussed above in regard to amended claim 13, the combination of 
See, Curie, and Nessett does not teach or suggest controlling usage of network resources based 
on the identity of an authenticated user wherein one or more of the service abstractions are 
associated with an authenticated user of the communications network to control the usage of 
network resources on the communications network. The addition of Azarmi does not cure this 
deficiency. Likewise, as set forth in regard to claim 7-9 above, the combination of See and 
Curie with Azarmi fails to teach or suggest role abstractions representing a role of a user with 
respect to the communication network. The addition of Nessett fails to cure this deficiency. As 
such the combination of See with Nessett and Azarmi fails to teach or suggest each and every 
element of claims 19-21 and 23. 

In view of the above arguments, Applicants submit that the subject matter of claims 19- 
21 and 23 is not obvious and respectfully request that the rejection to the claims under 35 U.S.C. 
103 be removed and the claim passed to allowance. 
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Claims 33-35, 37, and 40 

Of these claims, claims 33 and 40 are independent. Claims 34, 35 and 37 depend from 
amended claim 33 and as such incorporate each and every element of amended claim 33. As 
discussed above, in regard to claims 27-29 and 3 1 , the combination of See and Currie with 
Azarmi fails to teach or suggest each and every element of claims 27-29 and 3 1 . Specifically, 
the combination of See, Curie and Azarmi fails to teach or suggest creating one or more role 
abstractions associated with an authenticated user wherein each role abstraction represents a role 
of an authenticated user with respect to the communication network. 

The present invention, as set forth in claims 33-35, 37 and 40 is directed to controlling 
use of network resources based on the user of the communication networks. In the specific case 
of claims 33-35, 37 and 40 there is a focus on the role of the user in the communication network. 
That is, the role of the user affects the use of the communication network the user is granted. 
For example, if the communication network was a university network, the role of a user may be 
as an undergraduate student, a graduate student, a professor, staff, or a system administrator. 
Each of these roles may be provided with a different level of usage on the network. As such the 
role of the user is represented by a role abstraction including a set of one or more packet rules. 
This is a concept that is not suggested or taught in See, Curie, or Azarmi. The addition of 
Nessett fails to cure this deficiency. As such, the combination See and Currie with Nessett and 
Azarmi fails to disclose teach or suggest each and every element of claims 33-35, 37 and 40, as 
amended. 

In view of the above arguments, Applicants submit that the subject matter of claims 33- 
35,37 and 40, as amended, is not obvious and respectfully request that the rejection to the claims 
under 35 U.S.C. 103 be removed and the claims passed to allowance. 
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CONCLUSION 



In view of the above amendment, applicant believes the pending application is in 
condition for allowance. 



Dated: August 13. 2007 
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